###########################################################
################## Global Settings ########################
# Region is set by each test case, not in this shared fixture, to avoid
# AWS service quota limits.
#region = "us-east-2" # target AWS region
#region2 = "us-east-1" # RDS backup target AWS region

# Prefix for this fixture's resources (presumably applied to resource names by
# the consuming module; confirm there).
name_prefix = "ci"
###########################################################
#################### VPC Config ###########################
vpc_cidr = "10.200.0.0/16"

# Secondary range used for pod addressing, see
# https://aws.amazon.com/blogs/containers/optimize-ip-addresses-usage-by-pods-in-your-amazon-eks-cluster/
secondary_cidr_blocks = ["100.64.0.0/16"]

# Turned off only to make CI faster.
# NOTE(review): with the default VPC endpoints off, calls to AWS services from
# inside the VPC presumably leave through the NAT/internet path instead of
# private endpoints. Treat this as a CI-only value and confirm before reusing it.
create_default_vpc_endpoints = false

# new_bits is the number of bits added to the vpc_cidr prefix length (/16) to
# size each subnet: 6 gives a /22, 11 gives a /27.
#
#   public-a   - 10.200.0.0/22   - 1,022 hosts
#   public-b   - 10.200.4.0/22   - 1,022 hosts
#   public-c   - 10.200.8.0/22   - 1,022 hosts
#   private-a  - 10.200.12.0/22  - 1,022 hosts
#   private-b  - 10.200.16.0/22  - 1,022 hosts
#   private-c  - 10.200.20.0/22  - 1,022 hosts
#   database-a - 10.200.24.0/27  - 30 hosts
#   database-b - 10.200.24.32/27 - 30 hosts
#   database-c - 10.200.24.64/27 - 30 hosts
#
# The host counts are the plain /22 and /27 sizes; AWS reserves five addresses
# in every subnet, so the usable totals are slightly lower.
vpc_subnets = [
  { name = "public-a", new_bits = 6 },
  { name = "public-b", new_bits = 6 },
  { name = "public-c", new_bits = 6 },
  { name = "private-a", new_bits = 6 },
  { name = "private-b", new_bits = 6 },
  { name = "private-c", new_bits = 6 },
  { name = "database-a", new_bits = 11 },
  { name = "database-b", new_bits = 11 },
  { name = "database-c", new_bits = 11 },
]
###########################################################
#################### EKS Config ###########################
# Version string for the EKS cluster; presumably the Kubernetes minor version
# (confirm against the consuming module).
cluster_version = "1.30"
# #################### EKS Addon #########################
# add other "eks native" marketplace addons and configs to this list
# NOTE(review): every entry sets most_recent = true, which presumably resolves to
# the newest published addon version at apply time, so two runs of this same file
# can install different addon builds. Pin explicit versions where a reproducible
# or audited cluster is required.
cluster_addons = {
# vpc-cni: the env block turns on custom networking, prefix delegation and pod IP
# annotation, selects the ENIConfig by the topology.kubernetes.io/zone label, and
# keeps pod security group enforcement in "standard" mode.
# "enableNetworkPolicy" switches on the CNI's NetworkPolicy support; pods remain
# unrestricted until NetworkPolicy objects are actually applied to the cluster.
# before_compute presumably installs this addon ahead of the node groups so nodes
# start with this CNI configuration - confirm against the consuming module.
vpc-cni = {
most_recent = true
before_compute = true
configuration_values = <<-JSON
{
"env": {
"AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG": "true",
"ENABLE_PREFIX_DELEGATION": "true",
"ENI_CONFIG_LABEL_DEF": "topology.kubernetes.io/zone",
"WARM_PREFIX_TARGET": "1",
"ANNOTATE_POD_IP": "true",
"POD_SECURITY_GROUP_ENFORCING_MODE": "standard"
},
"enableNetworkPolicy": "true"
}
JSON
}
# coredns: default configuration, with 10-minute create/delete timeouts.
coredns = {
most_recent = true
timeouts = {
create = "10m"
delete = "10m"
}
}
# kube-proxy: default configuration.
kube-proxy = {
most_recent = true
}
# aws-ebs-csi-driver: asks the addon to enable its default StorageClass.
# NOTE(review): this heredoc is labelled JSON but, unlike the vpc-cni value above,
# it has no enclosing { }, so it is not a standalone JSON document. Confirm the
# addon API accepts the value as written, or wrap it in braces for consistency.
aws-ebs-csi-driver = {
most_recent = true
configuration_values = <<-JSON
"defaultStorageClass": {
"enabled": true
}
JSON
timeouts = {
create = "10m"
delete = "10m"
}
}
# aws-efs-csi-driver: default configuration, with 10-minute create/delete timeouts.
# consider using '"useFIPS": "true"' under configuration_values for aws_efs_csi_driver
# (no configuration_values is set here, so the FIPS option is currently not requested)
aws-efs-csi-driver = {
most_recent = true
timeouts = {
create = "10m"
delete = "10m"
}
}
}
# Storage driver toggles read by the consuming module.
# NOTE(review): cluster_addons in this file also sets defaultStorageClass.enabled
# for aws-ebs-csi-driver; confirm that it and enable_gp3_default_storage_class do
# not both try to mark a default StorageClass.
enable_amazon_eks_aws_efs_csi_driver = true
enable_amazon_eks_aws_ebs_csi_driver = true
enable_gp3_default_storage_class     = true

#################### Blueprints addons ###################
# Everything is switched on so the fixture exercises each addon together.
# NOTE(review): enable_secrets_store_csi_driver and enable_external_secrets
# presumably bring external secret material into the cluster; confirm the IAM
# scope granted to them by the consuming module before reusing these values
# outside CI.
enable_aws_node_termination_handler = true
enable_cluster_autoscaler           = true
enable_metrics_server               = true
enable_aws_load_balancer_controller = true
enable_secrets_store_csi_driver     = true
enable_external_secrets             = true
enable_karpenter                    = true
enable_bottlerocket_update_operator = true

# cert-manager is a dependency of bottlerocket_update_operator.
enable_cert_manager = true